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REMARKS/ARGUMENTS 

Claims 1-32 are pending in the application. Claims 22-32 are withdrawn from 
consideration. Claims 1-21 are rejected. No new matter has been introduced into the 
application. As explained in more detail below, Applicants submit that all claims are in 
condition for allowance and respectfully request such action. 

Claim Rejections - 35 USC S102 

Claims 1, 2, 3, and 5 to 19 stand rejected under 35 USC § 102(b) as being anticipated by 
Rothermel (U.S. Patent No. 6,678,827). The AppUcants respectfully traverse the rejection in 
view of the Remarks below. 

In the previous Amendment, claim 1 was amended to more clearly indicate the recited 
security policy is "written in a security protocol independent security policy language." At most 
Rothermal teaches distributing a security policy template to network security devices. 
Rothermal does not teach or suggest using a security protocol independent security policy 
language to create such a policy template or the policy itself. As indicated in paragraph 6 of the 
present application, a security framework that is security protocol independent can support 
multiple cryptographic technologies. Moreover, as indicated in paragraph 43 of the present 
application, abstracting underlying protocols facilitates interoperability with other svstems . This 
is in contrast to the system disclosed in Rotheraiel in which the security policy template must use 
the existing security protocols utilized by the network security devices, as explained in more 
detail below. 

The Office Action alleges that Col. 13, line 30 to Col. 14, line 13 of Rothermal 
demonstrates a system having interoperability with multiple OSs, and therefore must be utilizing 
a security policy written in a security protocol independent security policy language. The 
Applicants respectfully disagree with such an interpretation since the cited text explicitly states: 
In the illustrated embodiment, the NSD is a security apphance device capable of 
executing the Linux ope rating svstem ...The NSD software components include 
a version of the Linux OS kernel 610 which is capable of executing on the NSD 
to provide various OS functionalitv (e.g., TCP/IP support, network drivers, etc.). 

Rothermel at Col. 13, lines 33 - 43; emphasis added. Indeed, the cited text further discusses 
software components "which interacts directly with the OS", such as the packet filter engine, the 
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firewall component, and fiinctionality-specific drivers (e.g., VPN drivers). Therefore, since all 
the devices are managed in conjunction with the LINUX OS, there is no use or motivation to 
even consider applying a security policy written in a security protocol independent security 
policy language. The Applicants note that Rothermel later mentions that the LINUX OS could 
be replaced, there is no mention or suggested to mix in other OSs together or amend the current 
setup discussed in relation to Fig. 6 for which the Office Action cites. 

In fact, Rothermal merely discloses a system for managing multiple related network 
security devices with a security poUcy template. Rothermel never states or even suggests that the 
multiple security devices assigned to a specific supervisor device utilize a security policy written 
in a security protocol independent language. Rather, a copy of a security policy template is sent 
to related network security devices fi-om a supervisor device. There is no specific teaching or 
suggestion that the template is even written in a security protocol independent language, rather 
that the template is tailored towards specific devices. The Applicants cannot locate any 
disclaimer to this interpretation. 

The Applicants fiirther disagree with the allegation that Col. 7, lines 3-57 shows a 
security policy written in a security protocol independent language. The relevant portion of the 
cited text states: 

When a user of the manager device desires to establish or modify a security 
policy for one or more NSDs such as NSDs 130 and 140, the user first selects one 
of the security policy templates 113 or creates a new security policy template. 
Security policy templates are discussed in greater detail below with respect to 
FIG. 3. The manager device then determines the one or more primary supervisor 
devices for the NSDs of interest, such as bv retrieving this information fi-om its 
specific security policy information 116. If this information is not stored bv the 
manager device, the manager device can obtain the information in a variety of 
ways, such as by querying the NSDs of interest or by querying the various known 
supervisor devices . 

emphasis added. As explained throughout the text of Rothermel, a copy of a specific security 
policy template is sent to related network security devices fi-om a supervisor device. If the 
systems of Rothermel could utilize a security protocol independent language, there would be no 
reason to query specific supervisor devices or otherwise determine appropriate supervisor 
devices, because any of them could be utilized. For example, as seen in Figure 1 and explained 
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in Col. 6, only certain network security devices are in communication with certain supervisor 
devices. 

For at least these reasons, the Applicant respectfully submits that claim 1 is in condition 
for allowance. Claims 2, 3, and 5 to 19 ultimately depend from claim 1 and are in condition for 
allowance for at least the same reasons as claim 1. 

Claim Rejections - 35 USC $103 

Claims 4, 20, and 21 stand rejected under 35 USC § 103(a) as being unpatentable over 
Rothermel as applied to claim 1 above, and further in view of Saulpaugh (U.S. Patent 

No. 6,850,979). 

Claims 4, 20 and 21 each ultimately depend from claim 1 and are in condition for 
allowance for at least the same reasons as claim 1. 



CONCLUSION 

The claims as now presented are beUeved to be in allowable condition. No new matter 
has been introduced into the application. In light of the above arguments, applicants respectfully 
request reconsideration of the application and allowance of all pending claims. The Examiner is 
invited to contact the undersigned should it be deemed necessary to facilitate prosecution of the 
appHcation, 

RespectftiUy submitted, 

Date: /t^** SO^ zoOim 




Shawn P. Gorman 
Registration No. 56,197 
BANNER & WITCOFF, LTD. 
10 S.Wacker Drive 
Suite 3000 

Chicago, IL 60606-7407 
Telephone: 312-463-5000 
Facsimile: 312-463-5001 
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